Splunk For Security Analysts

Beginner | 0 (0 Ratings) | 1 Student enrolled | English
Created by InterDecima Systems
Last updated Wed, 28-May-2025
Course overview

What will I learn?

Requirements
Curriculum for this course
80 Lessons 14:52:07 Hours
Intro
2 Lessons 00:28:03 Hours
  • Welcome
    Preview 00:07:43
  • The Power of Splunk
    Preview 00:20:20
Using Search to Find Suspicious Events
7 Lessons 00:55:13 Hours
  • Finding HTTP Connections to Servers by IP
    Preview 00:06:01
  • Searching Two Data Sources for a Common Indicator
    Preview 00:13:00
  • Finding Traces of Look-A-Like Domains
    Preview 00:08:03
  • Using Geolocation to Find Anomalous Connections
    Preview 00:04:55
  • First Time Logins for Users on a Machine
    Preview 00:05:57
  • Identifying Password Guessing Attempts with Failed and Successful Logins
    Preview 00:08:30
  • Identifying High Network Bandwidth Consumption from a Baseline
    Preview 00:08:47
Data Models
2 Lessons 00:28:29 Hours
  • Understanding Data Models
    Preview 00:17:10
  • Searching with Data Models
    Preview 00:11:19
Visualizations and Dashboards
10 Lessons 01:44:23 Hours
  • Exploring Visualizations
    Preview 00:10:34
  • Building a Static Dashboard
    Preview 00:13:04
  • Adding a Shared Time Range Picker
    Preview 00:08:23
  • Building a Dynamic Form Using Tokens
    Preview 00:10:27
  • Using a Basesearch to Improve Loading Times - Part 1
    Preview 00:15:58
  • Using a Basesearch to Improve Loading Times - Part 2
    Preview 00:10:21
  • Configuring Drilldowns
    Preview 00:11:18
  • Using Conditions in Drilldowns
    Preview 00:10:54
  • Customizing Navigation
    Preview 00:07:38
  • Exploring Dashboard Studio
    Preview 00:05:46
Sharing, Scheduling and Alerting
7 Lessons 01:28:57 Hours
  • Sharing the Results of a Search
    Preview 00:11:56
  • Creating and Sharing Reports
    Preview 00:11:26
  • Scheduling Reports
    Preview 00:19:58
  • Accelerate Reports
    Preview 00:13:12
  • Accelerate Reports
    Preview 00:13:12
  • Creating Alerts
    Preview 00:11:11
  • Configuration Using savedsearches.conf
    Preview 00:08:02
Enrichment and Advanced Filtering
7 Lessons 01:10:05 Hours
  • File-Based Lookups
    Preview 00:10:07
  • Using the Splunk App for Lookup File Editing
    Preview 00:01:46
  • Key Value Store-Based Lookups
    Preview 00:11:35
  • External Lookups
    Preview 00:10:28
  • Automatic Lookups
    Preview 00:08:37
  • Advanced Lookup Options
    Preview 00:12:00
  • Subsearches
    Preview 00:15:32
Find Explore Date
19 Lessons 04:03:32 Hours
  • Onboarding the BOTSv2 Data Set into Your Lab
    Preview 00:13:11
  • Search Components
    Preview 00:14:17
  • Search Modes
    Preview 00:10:24
  • Search
    Preview 00:25:03
  • Time
    Preview 00:07:49
  • Fields, Table, and Sort
    Preview 00:09:49
  • Top and Rare
    Preview 00:06:03
  • Top and Rare
    Preview 00:06:03
  • Eval
    Preview 00:04:26
  • Where
    Preview 00:04:43
  • Rex
    Preview 00:07:44
  • The Power of the Stats Command
    Preview 00:23:26
  • Eventstats 2
    Preview 00:07:43
  • Streamstats
    Preview 00:13:42
  • Chart and Timechart
    Preview 00:24:44
  • Joining Datasets Efficiently
    Preview 00:16:35
  • More Searching Tips
    Preview 00:09:44
  • Building Reusable Search Elements Using Macros
    Preview 00:16:00
  • Enriching Data with Lookups
    Preview 00:22:06
Data Onboarding
9 Lessons 01:45:13 Hours
  • Creating a Text Index - Solution
    Preview 00:07:46
  • Onboarding Exported Windows Event Logs
    Preview 00:00:00
  • Onboarding Windows Registry Data
    Preview 00:09:47
  • Onboarding Linux Logs
    Preview 00:00:19
  • Onboarding Apache Web Server Logs
    Preview 00:19:05
  • Onboarding CSV Files
    Preview 00:20:04
  • Onboarding Custom Data Sources
    Preview 00:21:30
  • Extracting Fields Using EXTRACT
    Preview 00:20:38
  • Extracting Fields Using REPORT
    Preview 00:06:04
Troubleshooting Splunk
3 Lessons 00:39:55 Hours
  • Troubleshooting - Changes Not Taking Effect
    Preview 00:14:33
  • Troubleshooting - Inputs are Not Showing Up in Index
    Preview 00:22:53
  • Applying Changes without Restarting Splunk
    Preview 00:02:29
Splunk Overview and Data Pipeline
8 Lessons 01:39:23 Hours
  • Components of a Splunk Environment
    Preview 00:16:56
  • How Data Travels Through Splunk
    Preview 00:10:40
  • Introduction to Indexes
    Preview 00:04:31
  • Introduction to Indexes
    Preview 00:04:31
  • A First Overview of the Splunk GUI
    Preview 00:12:37
  • Enable a Receiver for Splunk Enterprise
    Preview 00:18:41
  • Understanding Apps
    Preview 00:15:44
  • Shipping Windows Event Logs to Splunk
    Preview 00:15:43
Lab Preparation
4 Lessons 00:24:51 Hours
  • Lab Configuration Overview
    Preview 00:03:06
  • Installing Splunk on Linux
    Preview 00:10:34
  • Installing the Splunk Universal Forwarder on Windows
    Preview 00:05:49
  • Installing the Splunk Universal Forwarder on Linux
    Preview 00:05:22
Course Wrapup
2 Lessons 00:04:03 Hours
  • Going Further
    Preview 00:02:55
  • Course Wrap-Up
    Preview 00:01:08
About instructor

InterDecima Systems

0 Reviews | 12 Students | 17 Courses

$50
Includes: